Data traffic handling in a distributed fabric protocol (DFP) switching network architecture

ABSTRACT

A switching network includes an upper tier having a master switch and a lower tier including a plurality of lower tier entities. The master switch, which has a plurality of ports each coupled to a respective lower tier entity, implements on each of the ports a plurality of virtual ports each corresponding to a respective one of a plurality of remote physical interfaces (RPIs) at the lower tier entity coupled to that port. Data traffic communicated between the master switch and RPIs is queued within virtual ports that correspond to the RPIs with which the data traffic is communicated. The master switch applies data handling to the data traffic in accordance with a control policy based at least upon the virtual port in which the data traffic is queued, such that the master switch applies different policies to data traffic queued to two virtual ports on the same port of the master switch.

This application is a continuation of U.S. patent application Ser. No.13/107,895 entitled “DATA TRAFFIC HANDLING IN A DISTRIBUTED FABRICPROTOCOL (DFP) SWITCHING NETWORK ARCHITECTURE,” by Keshav Kamble et al.,filed on May 14, 2011, the disclosure of which is incorporated herein byreference in its entirety for all purposes.

BACKGROUND OF THE INVENTION

1. Technical Field

The present invention relates in general to network communication and,in particular, to an improved switching network architecture forcomputer networks.

2. Description of the Related Art

As is known in the art, network communication is commonly premised onthe well known seven layer Open Systems Interconnection (OSI) model,which defines the functions of various protocol layers while notspecifying the layer protocols themselves. The seven layers, sometimesreferred to herein as Layer 7 through Layer 1, are the application,presentation, session, transport, network, data link, and physicallayers, respectively.

At a source station, data communication begins when data is receivedfrom a source process at the top (application) layer of the stack offunctions. The data is sequentially formatted at each successively lowerlayer of the stack until a data frame of bits is obtained at the datalink layer. Finally, at the physical layer, the data is transmitted inthe form of electromagnetic signals toward a destination station via anetwork link. When received at the destination station, the transmitteddata is passed up a corresponding stack of functions in the reverseorder in which the data was processed at the source station, thussupplying the information to a receiving process at the destinationstation.

The principle of layered protocols, such as those supported by the OSImodel, is that, while data traverses the model layers vertically, thelayers at the source and destination stations interact in a peer-to-peer(i.e., Layer N to Layer N) manner, and the functions of each individuallayer are performed without affecting the interface between the functionof the individual layer and the protocol layers immediately above andbelow it. To achieve this effect, each layer of the protocol stack inthe source station typically adds information (in the form of anencapsulated header) to the data generated by the sending process as thedata descends the stack. At the destination station, these encapsulatedheaders are stripped off one-by-one as the data propagates up the layersof the stack until the decapsulated data is delivered to the receivingprocess.

The physical network coupling the source and destination stations mayinclude any number of network nodes interconnected by one or more wiredor wireless network links. The network nodes commonly include hosts(e.g., server computers, client computers, mobile devices, etc.) thatproduce and consume network traffic, switches, and routers. Conventionalnetwork switches interconnect different network segments and process andforward data at the data link layer (Layer 2) of the OSI model. Switchestypically provide at least basic bridge functions, including filteringdata traffic by Layer 2 Media Access Control (MAC) address, learning thesource MAC addresses of frames, and forwarding frames based upondestination MAC addresses. Routers, which interconnect differentnetworks at the network (Layer 3) of the OSI model, typically implementnetwork services such as route processing, path determination and pathswitching.

A large network typically includes a large number of switches, whichoperate independently at the management, control and data planes.Consequently, each switch must be individually configured, implementsindependent control on data traffic (e.g., access control lists (ACLs)),and forwards data traffic independently of data traffic handled by anyother of the switches.

SUMMARY OF THE INVENTION

In accordance with at least one embodiment, the management, control anddata handling of a plurality of switches in a computer network isimproved.

In at least one embodiment, a switching network includes an upper tierincluding a master switch and a lower tier including a plurality oflower tier entities. The master switch includes a plurality of portseach coupled to a respective one of the plurality of lower tierentities. Each of the plurality of ports includes a plurality of virtualports each corresponding to a respective one of a plurality of remotephysical interfaces (RPIs) at the lower tier entity coupled to thatport. Each of the plurality of ports also includes a receive interfacethat, responsive to receipt of data traffic from a particular lower tierentity among the plurality of lower tier entities, queues the datatraffic to the virtual port among the plurality of virtual ports thatcorresponds to the RPI on the particular lower tier entity that was thesource of the data traffic. The master switch further includes a switchcontroller that switches data traffic from the virtual port to an egressport among the plurality of ports from which the data traffic isforwarded.

In at least one embodiment, a switching network includes an upper tierand a lower tier including a plurality of lower tier entities. A masterswitch in the upper tier, which has a plurality of ports each coupled toa respective lower tier entity, implements on each of the ports aplurality of virtual ports each corresponding to a respective one of aplurality of remote physical interfaces (RPIs) at the lower tier entitycoupled to that port. Data traffic communicated between the masterswitch and RPIs is queued within virtual ports that correspond to theRPIs on lower tier entities with which the data traffic is communicated.The master switch enforces priority-based flow control (PFC) on datatraffic of a given virtual port by transmitting, to a lower tier entityon which a corresponding RPI resides, a PFC data frame specifyingpriorities for at least two different classes of data trafficcommunicated by the particular RPI.

In at least one embodiment, a switching network includes an upper tierhaving a master switch and a lower tier including a plurality of lowertier entities. The master switch, which has a plurality of ports eachcoupled to a respective lower tier entity, implements on each of theports a plurality of virtual ports each corresponding to a respectiveone of a plurality of remote physical interfaces (RPIs) at the lowertier entity coupled to that port. Data traffic communicated between themaster switch and RPIs is queued within virtual ports that correspond tothe RPIs with which the data traffic is communicated. The master switchapplies data handling to the data traffic in accordance with a controlpolicy based at least upon the virtual port in which the data traffic isqueued, such that the master switch applies different policies to datatraffic queued to two virtual ports on the same port of the masterswitch.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a high level block diagram of a data processing environment inaccordance with one embodiment;

FIG. 2 is a high level block diagram of one embodiment of a distributedfabric protocol (DFP) switching network architecture that can beimplemented within the data processing environment of FIG. 1;

FIG. 3 is a high level block diagram of another embodiment of a DFPswitching network architecture that can be implemented within the dataprocessing environment of FIG. 1;

FIG. 4 is a more detailed block diagram of a host in FIG. 3 inaccordance with one embodiment;

FIG. 5A is a high level block diagram of an exemplary embodiment of amaster switch of a DFP switching network in accordance with oneembodiment;

FIG. 5B is a high level block diagram of an exemplary embodiment of afollower switch of a DFP switching network in accordance with oneembodiment;

FIG. 6 is a view of the DFP switching network architecture of FIG. 2 orFIG. 3 presented as a virtualized switch via a management interface inaccordance with one embodiment;

FIG. 7 is a high level logical flowchart of an exemplary process formanaging a DFP switching network in accordance with one embodiment;

FIG. 8 is depicted a high level logical flowchart of an exemplaryprocess by which network traffic is forwarded from a lower tier to anupper tier of a DFP switching network configured to operate as avirtualized switch in accordance with one embodiment;

FIG. 9 is a high level logical flowchart of an exemplary process bywhich a master switch at the upper tier handles a data frame receivedfrom the lower tier of a DFP switching network in accordance with oneembodiment;

FIG. 10 is a high level logical flowchart of an exemplary process bywhich a follower switch or host at the lower tier handles a data framereceived from a master switch at the upper tier of a DFP switchingnetwork in accordance with one embodiment;

FIG. 11 is a high level logical flowchart of an exemplary method ofoperating a link aggregation group (LAG) in a DFP switching network inaccordance with one embodiment;

FIG. 12 depicts an exemplary embodiment of a LAG data structure utilizedto record membership of a LAG in accordance with one embodiment;

FIG. 13 is a high level logical flowchart of an exemplary method ofmulticasting in a DFP switching network in accordance with oneembodiment;

FIG. 14 depicts exemplary embodiments of Layer 2 and Layer 3 multicastindex data structures;

FIG. 15 is a high level logical flowchart of an exemplary method ofenhanced transmission selection (ETS) in a DFP switching network inaccordance with one embodiment;

FIG. 16 depicts an exemplary enhanced transmission selection (ETS) datastructure that may be utilized to configure ETS for a master switch of aDFP switching network in accordance with one embodiment;

FIG. 17 is a high level logical flowchart of an exemplary method bywhich a DFP switching network implements priority-based flow control(PFC) and/or other services at a lower tier;

FIG. 18 depicts an exemplary PFC data frame 1800 that may be utilized toimplement priority-based flow control (PFC) and/or other services at alower tier of a DFP switching network in accordance with one embodiment;

FIG. 19A is a high level logical flowchart of an exemplary process bywhich a lower level follower switch of a DFP switching network processesa PFC data frame received from a master switch in accordance with oneembodiment; and

FIG. 19B is a high level logical flowchart of an exemplary process bywhich a lower level host in a DFP switching network processes a PFC dataframe received from a master switch in accordance with one embodiment.

DETAILED DESCRIPTION OF ILLUSTRATIVE EMBODIMENT

Disclosed herein is a switching network architecture that imposesunified management, control and data planes on a plurality ofinterconnected switches in a computer network.

With reference now to the figures and with particular reference to FIG.1, there is illustrated a high level block diagram of an exemplary dataprocessing environment 100 in accordance within one embodiment. Asshown, data processing environment 100 includes a collection ofresources 102. Resources 102, which may include various hosts, clients,switches, routers, storage, etc., are interconnected for communicationand may be grouped (not shown) physically or virtually, in one or morepublic, private, community, public, or cloud networks or a combinationthereof. In this manner, data processing environment 100 can offerinfrastructure, platforms, software and/or services accessible tovarious client devices 110, such as personal (e.g., desktop, laptop,netbook, tablet or handheld) computers 110 a, smart phones 110 b, servercomputer systems 110 c and consumer electronics, such as media players(e.g., set top boxes, digital versatile disk (DVD) players, or digitalvideo recorders (DVRs)) 110 d. It should be understood that the types ofclient devices 110 shown in FIG. 1 are illustrative only and that clientdevices 110 can be any type of electronic device capable ofcommunicating with and accessing resources 102 via a packet network.

Referring now to FIG. 2, there is illustrated a high level block diagramof an exemplary distributed fabric protocol (DFP) switching networkarchitecture that may be implemented within resources 102 in accordancewith one embodiment. In the illustrated exemplary embodiment, resources102 include a plurality of physical and/or virtual network switchesforming a DFP switching network 200. In contrast to conventional networkenvironments in which each switch implements independent management,control and data planes, DFP switching network 200 implements unifiedmanagement, control and data planes, enabling all the constituentswitches to be viewed as a unified virtualized switch, thus simplifyingdeployment, configuration, and management of the network fabric.

DFP switching network 200 includes two or more tiers of switches, whichin the instant embodiment includes a lower tier having a plurality offollower switches, including follower switches 202 a-202 d, and an uppertier having a plurality of master switches, including master switches204 a-204 b. In an embodiment with two tiers as shown, a port of eachmaster switch 204 is directly connected by one of inter-tier links 206to one of the ports of each follower switch 202, and a port of eachmaster switch 204 is coupled directly or indirectly to a port at leastone other master switch 204 by a master link 208. When such distinctionsare relevant, ports supporting switch-to-switch communication viainter-tier links 206 are referred to herein as “inter-switch ports,” andother ports (e.g., of follower switch 202 a-202 d) are referred to as“data ports.”

In a preferred embodiment, follower switches 202 are configured tooperate on the data plane in a pass-through mode, meaning that allingress data traffic received at data ports 210 of follower switches 202(e.g., from hosts) is forwarded by follower switches 202 viainter-switch ports and inter-tier links 206 to one of master switches204. Master switches 204 in turn serve as the fabric for the datatraffic (hence the notion of a distributed fabric) and implement allpacket switching and routing for the data traffic. With this arrangementdata traffic may be forwarded, for example, in the first exemplary flowindicated by arrows 212 a-212 d and the second exemplary flow indicatedby arrows 214 a-214 e.

As will be appreciated, the centralization of switching and routing forfollower switches 202 in master switches 204 implies that masterswitches 204 have knowledge of the ingress data ports of followerswitches 202 on which data traffic was received. In a preferredembodiment, switch-to-switch communication via links 206, 208 employs aLayer 2 protocol, such as the Inter-Switch Link (ISL) protocol developedby Cisco Corporation or IEEE 802.1QnQ, that utilizes explicit tagging toestablish multiple Layer 2 virtual local area networks (VLANs) over DFPswitching network 200. Each follower switch 202 preferably applies VLANtags (also known as service tags (S-tags)) to data frames to communicateto the recipient master switch 204 the ingress data port 210 on thefollower switch 202 on which the data frame was received. In alternativeembodiments, the ingress data port can be communicated by anotheridentifier, for example, a MAC-in-MAC header, a unique MAC address, anIP-in-IP header, etc. As discussed further below, each data port 210 oneach follower switch 202 has a corresponding virtual port (or vport) oneach master switch 204, and data frames ingressing on the data port 210of a follower switch 202 are handled as if ingressing on thecorresponding vport of the recipient master switch 204.

With reference now to FIG. 3, there is illustrated an a high level blockdiagram of another exemplary distributed fabric protocol (DFP) switchingnetwork architecture that may be implemented within resources 102 inaccordance with one embodiment. The DFP architecture shown in FIG. 3,which implements unified management, control and data planes across aDFP switching network 300, may be implemented within resources 102 as analternative to or in addition to DFP switching network architecturedepicted in FIG. 2.

In the illustrated exemplary embodiment, the resources 102 within DFPswitching network 300 include one or more physical and/or virtualnetwork switches implementing at least one of master switches 204 a-204b in an upper tier. Switching network 300 additionally includes at alower tier a plurality of physical hosts 302 a-302 d. As depicted inFIG. 4, in an exemplary embodiment, each host 302 includes one or morenetwork interfaces 404 (e.g., network interface cards (NICs), convergednetwork adapters (CNAs), etc.) that provides an interface by which thathost 302 communicates with master switch(es) 204. Host 302 additionallyincludes one or more processors 402 (typically comprising one or moreintegrated circuits) that process data and program code, for example, tomanage, access and manipulate data or software in data processingenvironment 100. Host 302 also includes input/output (I/O) devices 406,such as ports, displays, user input devices and attached devices, etc.,which receive inputs and provide outputs of the processing performed byhost 302 and/or other resource(s) in data processing environment 100.Finally, host 302 includes data storage 410, which may include one ormore volatile or non-volatile storage devices, including memories, solidstate drives, optical or magnetic disk drives, tape drives, etc. Datastorage 410 may store, for example, program code (including software,firmware or a combination thereof) and data.

Returning to FIG. 3, the program code executed by each host 302 includesa virtual machine monitor (VMM) 304 (also referred to as a hypervisor)which virtualizes and manages the resources of its respective physicalhost 302. Each VMM 304 allocates resources to, and supports theexecution of one or more virtual machines (VMs) 306 in one or morepossibly heterogeneous operating system partitions. Each of VMs 304 mayhave one (and in some cases multiple) virtual network interfaces(virtual NICs (VNICs)) providing network connectivity at least at Layers2 and 3 of the OSI model.

As depicted, one or more of VMMs 304 a-304 d may optionally provide oneor more virtual switches (VSs) 310 (e.g., Fibre Channel switch(es),Ethernet switch(es), Fibre Channel over Ethernet (FCoE) switches, etc.)to which VMs 306 can attach. Similarly, one or more of the networkinterfaces 404 of hosts 302 may optionally provide one or more virtualswitches (VSs) 312 (e.g., Fibre Channel switch(es), Ethernet switch(es),FCoE switches, etc.) to which VMs 306 may connect. Thus, VMs 306 are innetwork communication with master switch(es) 204 via inter-tier links206, network interfaces 404, the virtualization layer provided by VMMs304, and optionally, one or more virtual switches 310, 312 implementedin program code and/or hardware.

As in FIG. 2, virtual switches 310, 312, if present, are preferablyconfigured to operate on the data plane in a pass-through mode, meaningthat all ingress data traffic received from VMs 306 at the virtual dataports of virtual switches 310, 312 is forwarded by virtual switches 310,312 via network interfaces 404 and inter-tier links 206 to one of masterswitches 204. Master switches 204 in turn serve as the fabric for thedata traffic and implement all switching and routing for the datatraffic.

As discussed above, the centralization of switching and routing forhosts 302 in master switch(es) 204 implies that the master switch 204receiving data traffic from a host 302 has knowledge of the source ofthe data traffic (e.g., link aggregation group (LAG) interface, physicalport, virtual port, etc.). Again, to permit communication of suchtraffic source information, communication via inter-tier links 206preferably utilizes a Layer 2 protocol, such as the Inter-Switch Link(ISL) protocol developed by Cisco Corporation or IEEE 802.1QnQ, thatincludes explicit tagging to establish multiple Layer 2 virtual localarea networks (VLANs) over DFP switching network 300. Each host 302preferably applies VLAN tags to data frames to communicate to therecipient master switch 204 the data traffic source (e.g., physicalport, LAG interface, virtual port (e.g., VM virtual network interfacecard (VNIC), Single Root I/O Virtualization (SR-IOV) NIC partition, orFCoE port), etc.) from which the data frame was received. Each such datatraffic source has a corresponding vport on each master switch 204, anddata frames originating at a data traffic source on a host 302 arehandled as if ingressing on the corresponding vport of the recipientmaster switch 204. For generality, data traffic sources on hosts 302 anddata ports 210 on follower switches 202 will hereafter be referred to asremote physical interfaces (RPIs) unless some distinction is intendedbetween the various types of RPIs.

In DFP switching networks 200 and 300, load balancing can be achievedthrough configuration of follower switches 202 and/or hosts 302. Forexample, in one possible embodiment of a static configuration, datatraffic can be divided between master switches 204 based on the sourceRPI. In this exemplary embodiment, if two master switches 204 aredeployed, each follower switch 202 or host 302 can be configured toimplement two static RPI groups each containing half of the total numberof its RPIs and then transmit traffic of each of the RPI groups to adifferent one of the two master switches 204. Similarly, if four masterswitches 204 are deployed, each follower switch 202 or host 302 can beconfigured to implement four static RPI groups each containingone-fourth of the total number of its RPIs and then transmit traffic ofeach of the RPI groups to a different one of the four master switches204.

With reference now to FIG. 5A, there is illustrated a high level blockdiagram of an exemplary embodiment of a switch 500 a, which may beutilized to implement any of the master switches 204 of FIGS. 2-3.

As shown, switch 500 a includes a plurality of physical ports 502 a-502m. Each port 502 includes a respective one of a plurality of receive(Rx) interfaces 504 a-504 m and a respective one of a plurality ofingress queues 506 a-506 m that buffers data frames received by theassociated Rx interface 504. Each of ports 502 a-502 m further includesa respective one of a plurality of egress queues 514 a-514 m and arespective one of a plurality of transmit (Tx) interfaces 520 a-520 mthat transmit data frames from an associated egress queue 514.

In one embodiment, each of the ingress queues 506 and egress queues 514of each port 502 is configured to provide multiple (e.g., eight) queueentries per RPI in the lower tier of the DFP switching network 200, 300from which ingress data traffic can be received on that port 502. Thegroup of multiple queue entries within a master switch 204 defined for alower tier RPI is defined herein as a virtual port (vport), with eachqueue entry in the vport corresponding to a VOQ. For example, for a DFPswitching network 200 as depicted in FIG. 2, port 502 a of switch 500 ais configured to implement, for each of k+l data ports 210 of thefollower switch 202 connected to port 502 a, a respective one of ingressvports 522 a 0-522 ak and a respective one of egress vports 524 a 0-524ak. If switch 500 a is implemented in a DFP switching network 300 asillustrated in FIG. 3, port 502 a is configured to implement arespective vport 522 for each of k+l data traffic sources in the host302 connected to port 502 a by an inter-tier link 206. Similarly, for aDFP switching network 200 as depicted in FIG. 2, port 502 m of switch500 a is configured to implement, for each of p+l data ports 210 of afollower switch 202 connected to port 502 m, a respective one of ingressvports 522 m 0-522 mp and a respective one of egress vports 524 m 0-524mp. If switch 500 a is implemented in a DFP switching network 300 asillustrated in FIG. 3, port 502 a implements a respective vport 522 foreach of k data traffic sources in the host 302 connected to port 502 aby an inter-tier link 206. As will be appreciated the number of ingressvports implemented on each of ports 502 may differ depending upon thenumber of RPIs on the particular lower tier entity (e.g., followerswitch 202 or host 302) connected to each of ports 502. Thus, each RPIat the lower tier of a DFP switching network 200 or 300 is mapped to aset of ingress and egress vports 522, 524 on a physical port 502 of eachmaster switch 204, and when data frames from that RPI are received onthe physical port 502, the receive interface 504 of port 502 can directthe data frames to the appropriate ingress vport 522 based on an RPIidentifier in the data traffic.

Master switch 204 can create, destroy, disable or migrate vports 522,524 across its physical ports 502 as needed depending, for example, onthe connection state with the lower tier entities 202, 302. For example,if a follower switch 202 is replaced by a replacement follower switch202 with a greater number of ports, master switches 204 willautomatically create additional vports 522, 524 on the relevant physicalport 502 in order to accommodate the additional RPIs on the replacementfollower switch 202. Similarly, if a VM 306 running on a host 302connected to a first physical port of a master switch 204 migrates to adifferent host 302 connected to a different second physical port of themaster switch 204 (i.e., the migration remains within the switchdomain), the master switch 204 will automatically migrate the vports522, 524 corresponding to the VM 306 from the first physical port 502 ofthe master switch 204 to the second physical port 502 of the masterswitch 204. If the VM 306 completes its migration within a predeterminedflush interval, data traffic for the VM 306 can be remarked by switchcontroller 530 a and forwarded to the egress vport 524 on the secondphysical port 502. In this manner, the migration of the VM 306 can beaccomplished without traffic interruption or loss of data traffic, whichis particularly advantageous for loss-sensitive protocols.

Each master switch 204 additionally detects loss of an inter-switch link206 to a lower tier entity (e.g., the link state changes from up todown, inter-switch link 206 is disconnected, or lower tier entityfails). If loss of an inter-switch link 206 is detected, the masterswitch 204 will automatically disable the associated vports 522, 524until restoration of the inter-switch link 206 is detected. If theinter-switch link 206 is not restored within a predetermined flushinterval, master switch 204 will destroy the vports 522, 524 associatedwith the lower tier entity with which communication has been lost inorder to recover the queue capacity. During the flush interval, switchcontroller 530 a permits data traffic destined for a disabled egressvport 524 to be buffered on the ingress side. If the inter-switch link206 is restored and the disabled egress vport 524 is re-enabled, thebuffered data traffic can be forwarded to the egress vport 524 withinloss.

Switch 500 a additionally includes a crossbar 510 that is operable tointelligently switch data frames from any of ingress queues 506 a-506 mto any of egress queues 514 a-514 m (and thus between any ingress vport522 and any egress vport 524) under the direction of switch controller530 a. As will be appreciated, switch controller 530 a can beimplemented with one or more centralized or distributed, special-purposeor general-purpose processing elements or logic devices, which mayimplement control entirely in hardware, or more commonly, through theexecution of firmware and/or software by a processing element.

In order to intelligently switch data frames, switch controller 530 abuilds and maintains one or more data plane data structures, forexample, a forwarding information base (FIB) 532 a, which is commonlyimplemented as a forwarding table in content-addressable memory (CAM).In the depicted example, FIB 532 a includes a plurality of entries 534,which may include, for example, a MAC field 536, a port identifier (PID)field 538 and a virtual port (vport) identifier (VPID) field 540. Eachentry 534 thus associates a destination MAC address of a data frame witha particular vport 520 on a particular egress port 502 for the dataframe. Switch controller 530 a builds FIB 332 a in an automated mannerby learning from observed data frames an association between ports 502and vports 520 and destination MAC addresses specified by the dataframes and recording the learned associations in FIB 532 a. Switchcontroller 530 a thereafter controls crossbar 510 to switch data framesin accordance with the associations recorded in FIB 532 a. Thus, eachmaster switch 204 manages and accesses its Layer 2 and Layer 3 QoS, ACLand other management data structures per vport corresponding to RPIs atthe lower tier.

Switch controller 530 a additionally implements a management module 550that serves as the management and control center for the unifiedvirtualized switch. In one embodiment, each master switch 204 includesmanagement module 350, but the management module 350 of only a singlemaster switch 204 (referred to herein as the managing master switch 204)of a given DFP switching network 200 or 300 is operative at any onetime. In the event of a failure of the master switch 204 then serving asthe managing master switch 204 (e.g., as detected by the loss ofheartbeat messaging by the managing master switch 204 via a master link208), another master switch 204, which may be predetermined or electedfrom among the remaining operative master switches 204, preferablyautomatically assumes the role of the managing master switch 204 andutilizes its management module 350 to provide centralized management andcontrol of the DFP switching network 200 or 300.

Management module 550 preferably includes a management interface 552,for example, an XML or HTML interface accessible to an administratorstationed at a network-connected administrator console (e.g., one ofclients 110 a-110 c) in response to login and entry of administrativecredentials. Management module 550 preferably presents via managementinterface 552 a global view of all ports residing on all switches (e.g.,switches 204 and/or 202) in a DFP switching network 200 or 300. Forexample, FIG. 6 is a view of DFP switching network 200 of FIG. 2presented as a virtualized switch 600 via management interface 552 inaccordance with one embodiment. In this embodiment, master switch 204can be considered a virtual switching chassis, with the followerswitches 202 serving a virtual line cards. In this example, virtualizedswitch 600, which can be, for example, graphically and/or tabularlyrepresented in a display of the administrator console, presentsvirtualized ports (Pa-Pf) 602 a corresponding to the data ports andinter-switch ports of follower switch 202 a, Pl-Pp 602 b correspondingto the data ports and inter-switch ports of follower switch 202 b, Pq-Ps602 c corresponding to the data ports and inter-switch ports of followerswitch 202 c, and Pw-Pz 602 d corresponding to the data ports andinter-switch ports of follower switch 202 d. In addition, virtualizedswitch 600 represents by Pg-Pk 602 e the inter-switch ports of masterswitch 204 a, and represents by Pt-Pv 602 f the inter-switch ports ofmaster switch 204 b. Further, virtualized switch 600 represents eachvport 522, 524 implemented on a master switch 204 with a respective setof virtual output queues (VOQs) 604. For example, each of vports 522,524 implemented on master switches 204 a, 204 b is represented by arespective one of VOQ sets 604 a-604 k. By interacting with virtualizedswitch 600, the administrator can manage and establish (e.g., viagraphical, textual, numeric and/or other inputs) desired control for oneor more (or all) ports or vports of one or more (or all) of followerswitches 202 and master switches 204 in DFP switching network 200 via aunified interface. It should be noted that the implementation of sets ofVOQs 604 a-604 k within virtualized switch 600 in addition tovirtualized ports Pa-Pf 602 a, Pl-Pp 602 b, Pq-Ps 602 c and Pw-Pz 602 denables the implementation of individualized control for data traffic ofeach RPI (and of each traffic classification of the data traffic of theRPI) at either tier (or both tiers) of a DFP switching network 200 or300. Thus, as discussed further below, an administrator can implement adesired control for a specific traffic classification of a particulardata port 210 of follower switch 202 a via interacting with virtualizedport Pa of virtualized switch 600. Alternatively or additionally, theadministrator can establish a desired control for that trafficclassification for that data port 210 by interacting with a particularVOQ corresponding to that traffic classification on the VOQ set 604representing the ingress vport 522 or egress vport 524 corresponding tothe data port 210.

Returning to FIG. 5A, switch controller 530 a further includes a controlmodule 560 a that can be utilized to implement desired control for dataframes traversing a DFP switching network 200 or 300. Control module 560a includes a local policy module 562 that implements a desired suite ofcontrol policies for switch 500 a at ingress and/or egress on aper-vport basis. Control module 560 may further include a local accesscontrol list (ACL) 564 that restricts ingress access to switch 500 a ona per-vport basis. The managing master switch 204 may optionally furtherinclude a remote policy module 566 and remote ACL 568, which implement adesired suite of control policies and access control on one or more offollower switches 202 or virtual switches 310, 312 upon ingress and/oregress on a per-data port basis. The managing master switch 204 canadvantageously push newly added or updated control information (e.g., acontrol policy or ACL) for another master switch 204, follower switch202 or virtual switch 310, 312 to the target switch via a reservedmanagement VLAN. Thus, ACLs, control policies and other controlinformation for traffic passing through the virtualized switch can beenforced by master switches 204 at the vports 522, 524 of the masterswitches 204, by follower switches 202 at data ports 210, and/or at thevirtual ports of virtual switches 310, 312.

The capability to globally implement policy and access control at one ormore desired locations within a DFP switching network 200 or 300facilitates a number of management features. For example, to achieve adesired load balancing among master switches 204, homogeneous orheterogeneous control policies can be implemented by follower switches202 and/or virtual switches 310, 312, achieving a desired distributionof the data traffic passing to the master switch(es) 204 for switchingand routing. In one particular implementation, the load distribution canbe made in accordance with the various traffic types, with differentcommunication protocols run on different master switches 204. Followerswitches 202 and hosts 302 connected to master switches 204 can thusimplement a desired load distribution by directing protocol data units(PDUs) of each of a plurality of diverse traffic types to the masterswitch 204 responsible for that protocol.

Although not explicitly illustrated in FIG. 5A, it should be appreciatedthat in at least some embodiments, switch controller 530 a may, inaddition to Layer 2 frame switching, additionally implement routing andother packet processing at Layer 3 (and above) as is known in the art.In such cases, switch controller 530 a can include a routing informationbase (RIB) that associates routes with Layer 3 addresses.

Referring now to FIG. 5B, there is depicted a high level block diagramof an exemplary embodiment of a switch 500 b, which may be utilized toimplement any of the follower switches 202 of FIG. 2. As indicated bylike reference numerals, switch 500 b may be structured similarly toswitch 500 a, with a plurality of ports 502 a-502 m, a switch controller530 b, and a crossbar switch 510 controlled by switch controller 530 b.However, because switch 500 b is intended to operate in a pass-throughmode that leaves the ultimate responsibility for forwarding frames withmaster switches 204, switch controller 530 b is simplified. For example,in the illustrated embodiment, each entry 534 of FIB 332 b includes acontrol field 570 for identifying values for one or more frame fields(e.g., destination MAC address, RPI, etc.) utilized to classify theframes (where the frame classifications are pushed to switch controller530 b by management module 350) and an associated PID field 538identifying the egress data port 502 of switch 530 b that is connectedto a master switch 204 for forwarding that classification of datatraffic. Control module 560 is similarly simplified, as no remote policy566 or remote ACLs 568 are supported. Finally, management module 550 canbe entirely omitted, as switch 500 b need not be equipped to serve as amaster switch 204.

With reference now to FIG. 7, there is illustrated a high level logicalflowchart of an exemplary process for managing a DFP switching networkin accordance with one embodiment. For convenience, the process of FIG.7 is described with reference to DFP switching networks 200 and 300 ofFIGS. 2-3. As with the other logical flowcharts illustrated herein,steps are illustrated in logical rather than strictly chronologicalorder, and at least some steps can be performed in a different orderthan illustrated or concurrently.

The process begins at block 700 and then proceeds to block 702, whichdepicts each of master switches 204 a, 204 b learning the membership andtopology of the DFP switching network 200 or 300 in which it is located.In various embodiments, master switches 204 a, 204 b may learn thetopology and membership of a DFP switching network 200 or 300, forexample, by receiving a configuration from a network administratorstationed at one of client devices 110 a-110 c, or alternatively,through implementation of an automated switch discovery protocol by theswitch controller 530 a of each of master switches 204 a, 204 b. Basedupon the discovered membership in a DFP switching network 200 or 300,the switch controller 530 a of each of master switches 204 implements,on each port 502, a respective ingress vport 522 and a respective egressvport 524 for each RPI in the lower tier of the DFP switching network200, 300 from which ingress data traffic can be received on that port502 (block 704). The managing master switch 204, for example, masterswitch 204 a, thereafter permits configuration, management and controlof DFP switching network 200 or 300 as a virtualized switch 600 throughmanagement interface 552 (block 706). It should be appreciated that as avirtualized switch 600, DFP switching network 200 or 300 can beconfigured, managed and controlled to operate as if all the virtualizedports 602 of virtualized switch 600 were within a single physicalswitch. Thus, for example, port mirroring, port trunking, multicasting,enhanced transmission selection (ETS) (e.g., rate limiting and shapingin accordance with draft standard IEEE 802.1 Qaz), and priority basedflow control can be implemented for virtualized ports 602 regardless ofthe switches 202, 310, 312 or hosts 302 to which the corresponding RPIsbelong. Thereafter, the management module 550 of the switch controller530 a of the managing master switch (e.g., master switch 204 a) pushescontrol information to other master switches 204, follower switches 202and/or virtual switches 310, 312 in order to property configure thecontrol module 560 and FIB 532 of the other switches (block 708). Theprocess of FIG. 7 thereafter ends at block 710.

Referring now to FIG. 8, there is depicted a high level logicalflowchart of an exemplary process by which network traffic is forwardedfrom a lower tier to an upper tier of a DFP switching network configuredto operate as a virtualized switch in accordance with one embodiment.For convenience, the process of FIG. 8 is also described with referenceto DFP switching network 200 of FIG. 2 and DFP switching network 300 ofFIG. 3.

The depicted process begins at block 800 and thereafter proceeds toblock 802, which depicts an RPI at the lower tier of the DFP switchingnetwork receiving a data frame to be transmitted to a master switch 204.As indicated by dashed line illustration at block 804, the followerswitch 202 or host 302 at which the RPI is located may optionallyenforce policy control or access control (by reference to an ACL) to thedata frame, if previously instructed to do so by the managing masterswitch 204.

At block 806, the follower switch 202 or host 302 at the lower tierapplies an RPI identifier (e.g., an S-tag) to the data frame to identifythe ingress RPI at which the data frame was received. The followerswitch 202 or host 302 at the lower tier then forwards the data frame toa master switch 204 in the upper tier of the DFP switching network 200or 300 (block 808). In the case of a follower switch 202, the data frameis forwarded at block 808 via the inter-switch egress port indicated bythe FIB 532 b. Thereafter, the process depicted in FIG. 8 ends at block810.

With reference to FIG. 9, there is illustrated a high level logicalflowchart of an exemplary process by which a master switch at the uppertier handles a data frame received from the lower tier of a DFPswitching network in accordance with one embodiment. The illustratedprocess begins at block 900 and then proceeds to block 902, whichdepicts a master switch 204 of a DFP switching network 200 or 300receiving a data frame from a follower switch 202 or host 302 on one ofits ports 502. In response to receipt of the data frame, the receiveinterface 504 of the port 502 at which the data frame was receivedpre-classifies the data frame according to the RPI identifier (e.g.,S-tag) specified by the data frame and queues the data frame to theingress vport 522 associated with that RPI (block 904). From block 904,the process depicted in FIG. 9 proceeds to both of blocks 910 and 920.

At block 910, switch controller 530 a accesses FIB 532 a utilizing thedestination MAC address specified by the data frame. If a FIB entry 534having a matching MAC field 536 is located, processing continues atblocks 922-928, which are described below. If, however, switchcontroller 530 a determines at block 910 that the destination MACaddress is unknown, switch controller 530 a learns the associationbetween the destination MAC address, egress port 502 and destination RPIutilizing a conventional discovery technique and updates FIB 532 aaccordingly. The process then proceeds to blocks 922-928.

At block 920, switch controller 530 a applies to the data frame anylocal policy 562 or local ACL 564 specified for the ingress vport 522 bycontrol module 560 a. In addition, switch controller 530 a performs anyother special handling on ingress for the data frame. As discussed ingreater detail below, this special handling can include, for example,the implementation of port trunking, priority based flow control,multicasting, port mirroring or ETS. Each type of special handling canbe applied to data traffic at ingress and/or at egress, as describedfurther below. The process then proceeds to blocks 922-928.

Referring now to blocks 922-924, switch controller 530 a updates the RPIidentifier of the data frame to equal that specified in the VPID field540 of the matching FIB entry 534 (or learned by the discovery process)and queues the data frame in the corresponding egress vport 524identified by the PID field 538 of the matching FIB entry 534 (orlearned by the discovery process). At block 926, switch controller 530 aapplies to the data frame any local policy 562 or local ACL 564specified for the egress vport 524 by control module 560 a. In addition,switch controller 530 a performs any other special handling on egressfor the data frame, including, for example, the implementation of porttrunking, priority based flow control, multicasting, port mirroring orETS. Master switch 204 thereafter forwards the data frame via aninter-switch link 206 to the lower tier (e.g., a follower switch 202 orhost 302) of the DFP switching network 200 or 300 (block 928). Theprocess shown in FIG. 9 thereafter terminates at block 930.

Referring now to FIG. 10, there is depicted a high level logicalflowchart of an exemplary process by which a follower switch 202 or host302 at the lower tier handles a data frame received from a master switchat the upper tier of a DFP switching network 200 or 300 in accordancewith one embodiment. The process depicted in FIG. 10 begins at block1000 and then proceeds to block 1002, which illustrates a lower tierentity, such as a follower switch 202 or a host 302, receiving a dataframe from a master switch 204, for example, at an inter-switch port 502of the follower switch 202 or at a network interface 404 or VMM 304 ofthe host 302.

In response to receipt of the data frame, the lower level entity removesfrom the data frame the RPI identifier updated by the master switch 204(block 1004). The lower level entity then flows through the data frameto the RPI identified by the extracted RPI identifier (block 1006).Thus, for example, switch controller 530 b accesses its FIB 532 b withthe RPI and/or destination MAC address of the data frame to identify amatching FIB entry 534 and then controls crossbar 510 to forward thedata frame to the port specified in the PID field 538 of the matchingFIB entry 534. A network interface 404 or VMM 304 of a host similarlydirects the data frame the RPI indicated by the RPI identifier.Thereafter, the process ends at block 1008.

With reference now to FIG. 11, there is illustrated a high level logicalflowchart of an exemplary method of operating a link aggregation group(LAG) in a DFP switching network in accordance with one embodiment. Linkaggregation is also variously referred to in the art as trunking, linkbundling, bonding, teaming, port channel, EtherChannel, and multi-linktrunking.

The process illustrated in FIG. 11 begins at block 1100 and thenproceeds to block 1102, which depicts the establishment at a masterswitch 204 of a DFP switching network 200 or 300 of a LAG comprising aplurality of RPIs. Unlike conventional LAGs, a LAG established in a DFPswitching network 200 or 300 can include RPIs of multiple different (andpossibly heterogeneous) follower switches 202 and/or hosts 302. Forexample, in DFP switching networks 200 and 300 of FIGS. 2-3, a singleLAG may include RPIs of one or more of follower switches 202 a-202 dand/or hosts 302 a-302 d.

In at least some embodiments, a LAG can be established at a masterswitch 204 by static configuration of the master switch 204, forexample, by a system administrator stationed at one of client devices110 a-110 c interacting with management interface 552 of the managingmaster switch 204. Alternatively or additionally, a LAG can beestablished at a master switch 204 by the exchange of messages betweenthe master switch 204 and one or more lower tier entities (e.g.,follower switches 202 or hosts 302) via the Link Aggregation ControlProtocol (LACP) defined in IEEE 802.1AX-2008, which is incorporatedherein by reference. Because the LAG is established at the master switch204, it should be appreciated that not all of the lower level entitiesconnected to a inter-switch link 206 belonging to the LAG need toprovide support for (or even have awareness of the existence of) theLAG.

The establishment of a LAG at a master switch 204 as depicted at block1102 preferably includes recordation of the membership of the LAG in aLAG data structure 1200 in switch controller 530 a as shown in FIG. 12.In the depicted exemplary embodiment, LAG data structure 1200 includesone or more LAG membership entries 1202 each specifying membership in arespective LAG. In one preferred embodiment, LAG membership entries 1202express LAG membership in terms of the RPIs or vports 520 associatedwith the RPIs forming the LAG. In other embodiments, the LAG mayalternatively or additionally be expressed in terms of the inter-switchlinks 206 connecting the master switch 204 and RPIs. As will beappreciated, LAG data structure 1200 can be implemented as a stand alonedata structure or may be implemented in one or more fields of anotherdata structure, such as FIB 532 a.

Following establishment of the LAG, master switch 204 performs specialhandling for data frames directed to RPIs within the LAG, as previouslymentioned above with reference to blocks 920-926 of FIG. 9. Inparticular, as depicted at block 1104, switch controller 530 a monitorsdata frames received for forwarding and determines, for example, byreference to FIB 532 a and/or LAG data structure 1200 whether or not thedestination MAC address contained in the data frame is known to beassociated with an RPI belonging to a LAG. In response to a negativedetermination at block 1104, the process passes to block 1112, which isdescribed below. If, however, switch controller 532 a determines atblock 1104 that a data frame is addressed to a destination MACassociated with an RPI belonging to a LAG, switch controller 532 aselects an egress RPI for the data frame from among the membership ofthe LAG.

At block 1110, switch controller 532 a can select the egress RPI fromamong the LAG membership based upon any of a plurality of LAG policies,including round-robin, broadcast, load balancing, or hashed. In oneimplementation of a hashed LAG policy, switch controller 532 a XORs thesource and destination MAC addresses and performs a modulo operation onthe result with the size of the LAG in order to always select the sameRPI for a given destination MAC address. In other embodiments, thehashed LAG policy can select the egress RPI based on different oradditional factors, including the source IP address, destination IPaddress, source MAC address, destination address, and/or source RPI,etc.

As indicated at block 1112, the “spraying” or distribution of dataframes across the LAG continues until the LAG is deconfigured, forexample, by removing a static configuration of the master switch 204 orvia LCAP. Thereafter, the process illustrated in FIG. 11 terminates atblock 1120.

The capability of implementing a distributed LAG at a master switch 204that spans differing lower level entities enables additional networkcapabilities. For example, in a DFP switching network 300 includingmultiple VMs 306 providing the same service, forming a LAG having allsuch VMs as members enables data traffic for the service to beautomatically load balanced across the VMs 306 based upon service tagand other tuple fields without any management by VMMs 304. Further, suchload balancing can be achieved across VMs 306 running on different VMMs304 and different hosts 302.

As noted above, the special handling optionally performed at blocks920-926 of FIG. 9 can include not only the distribution of frames to aLAG, but also multicasting of data traffic. With reference now to FIG.13, there is depicted a high level logical flowchart of an exemplarymethod of multicasting in a DFP switching network in accordance with oneembodiment. The process begins at block 1300 and then proceeds to blocks1302-1322, which illustrate the special handling performed by a masterswitch for multicast data traffic, as previously described withreference to blocks 920-926 of FIG. 9.

Specifically, at block 1310, switch controller 530 a of a master switch204 determines by reference to the destination MAC address or IP addressspecified within data traffic whether the data traffic requestsmulticast delivery. For example, IP reserves 224.0.0.0 through239.255.255.255 for multicast addresses, and Ethernet utilizes at leastthe multicast addresses summarized in Table I:

TABLE I Multicast address Protocol 01:00:0C:CC:CC:CC Cisco DiscoveryProtocol or VLAN Trunking Protocol (VTP) 01:00:0C:CC:CC:CD Cisco SharedSpanning Tree Protocol Addresses 01:80:C2:00:00:00 IEEE 802.1D SpanningTree ProtocolIn response to a determination at block 1310 that the data traffic doesnot require multicast handling, no multicast handling is performed forthe data traffic (although other special handling may be performed), andthe process iterates at block 1310. If, however, switch controller 530 adetermines at block 1310 that ingressing data traffic is multicasttraffic, process passes to block 1312.

At block 1312, switch controller 530 a performs a lookup for themulticast data traffic in a multicast index data structure. For example,in one exemplary embodiment shown in FIG. 14, switch controller 530 aimplements a Layer 2 multicast index data structure 1400 for Layer 2multicast frames and a Layer 3 multicast index data structure 1410 forLayer 3 multicast packets. In the depicted exemplary embodiment, Layer 2multicast index data structure 1400, which may be implemented, forexample, as a table, includes a plurality of entries 1402 eachassociating a four-tuple field 1404, which is formed of an ingress RPI,source MAC address, destination MAC address and VLAN, with an indexfield 1406 specifying an index into a multicast destination datastructure 1420. Layer 3 multicast index data structure 1410, which maybe similarly implemented as a table, includes a plurality of entries1412 each associating a two-tuple field 1404, which is formed of asource Layer 3 (e.g., IP) address and multicast group ID, with an indexfield 1406 specifying an index into a multicast destination datastructure 1420. Multicast destination data structure 1420, which canalso be implemented as a table or linked list, in turn includes aplurality of multicast destination entries 1422, each identifying one ormore RPIs at the lower tier to which data traffic is to be transmitted.Layer 2 multicast data structure 1400, Layer 3 multicast index datastructure 1410 and multicast destination data structure 1420 are allpreferably populated by the control plane in a conventional MC learningprocess.

Thus, at block 1312, switch controller 530 a performs a lookup to obtainan index into multicast destination data structure 1420 in Layer 2multicast index data structure 1400 if the data traffic is a Layer 2multicast frame and performs the lookup in Layer 3 multicast index datastructure 1410 if the data traffic is a L3 multicast packet. Asindicated at block 1314, master switch 204 can handle the multicast ofthe data traffic through either ingress replication or egressreplication, with the desired implementation preferably configured inswitch controller 530 a. If egress replication is configured on masterswitch 204, the process proceeds to block 1316, which illustrates switchcontroller 530 a causing a single copy of the data traffic to traversecrossbar 510 and to be replicated in each egress queue 514 correspondingto an RPI identified in the multicast destination entry 1422 identifiedby the index obtained at block 1312. As will be appreciated, egressreplication of multicast traffic reduces utilization of the bandwidth ofcrossbar 510 at the expense of head-of-line (HOL) blocking Followingblock 1316, processing of the replicated data traffic by master switch204 continues as previously described in FIG. 9 (block 1330).

If, on the other hand, master switch 204 is configured for ingressreplication, the process proceeds from block 1314 to block 1320, whichillustrates switch controller 530 a causing the multicast data trafficto be replicated within each of the ingress queues 506 of the ports 502having output queues 514 associated with the RPIs identified in theindexed multicast destination entry 1422. As will be appreciated,ingress replication in this manner eliminates HOL blocking Followingblock 1320, the data traffic undergoes additional processing asdiscussed above with reference to FIG. 9. In such processing, switchcontroller 530 a controls crossbar 510 to transmit the multicast datatraffic replicated on ingress directly from the ingress queues 506 tothe egress queues 514 of the same ports 502.

As will be appreciated, the implementation of MC handling at a masterswitch 204 of a DFP switching network 200 as described rather than atfollower switches 202 enables the use of simplified follower switches202, which need not be capable of multicast distribution of datatraffic.

As described above with reference to blocks 920-926 of FIG. 9, thespecial handling of data traffic in an DFP switching network mayoptionally include the application of ETS to data traffic. FIG. 15 is ahigh level logical flowchart of an exemplary method of enhancedtransmission selection (ETS) in a DFP switching network 200 or 300 inaccordance with one embodiment.

The process depicted in FIG. 15 begins at block 1500 and then proceedsto block 1502, which depicts the configuration of master switch 204 toimplement ETS, for example, via management interface 552 on the managingmaster switch 204 of the DFP switching network 200 or 300. In variousembodiments, ETS is configured to be implemented at ingress and/oregress of master switch 204.

ETS, which is defined in draft standard IEEE 802.1Qaz, establishesmultiple traffic class groups (TCGs) and specifies priority oftransmission (i.e., scheduling) of data traffic in the various TCGs fromtraffic queues (e.g., ingress vports 522 or egress vports 524) in orderto achieve a desired balance of link utilization among the TCGs. ETS notonly establishes minimum guaranteed bandwidth for each TCG, but alsopermits lower-priority traffic to consume utilized bandwidth nominallyavailable to higher-priority TCGs, thereby improving link utilizationand flexibility while preventing starvation of lower priority traffic.The configuration of ETS at a master switch 204 can include, forexample, the establishing and/or populating an ETS data structure 1600as depicted in FIG. 16 within the switch controller 530 a of the masterswitch 204. In the exemplary embodiment shown in FIG. 16, ETS datastructure 1600, which can be implemented, for example, as a table,includes a plurality of ETS entries 1602. In the depicted embodiment,each ETS entry 1602 includes a TCG field 1604 defining the traffictype(s) (e.g., Fibre Channel (FC), Ethernet, FC over Ethernet (FCoE),iSCSI, etc.) belonging to a given TCG, a minimum field 1606 defining(e.g., in absolute terms or as a percentage) a guaranteed minimumbandwidth for the TCG defined in TCG field 1604, and a maximum field1608 defining (e.g., in absolute terms or as a percentage) a maximumbandwidth for the TCG defined in TCG field 1604.

Returning to FIG. 15, following the configuration of ETS on a masterswitch 1502, the process proceeds to blocks 1504-1510, which depict thespecial handling optionally performed for ETS at blocks 920-926 of FIG.9. In particular, block 1504 illustrates master switch 204 determiningwhether or not a data frame received in an ingress vport 520 or egressvport 522 belongs to a traffic class belonging to a presently configuredETS TCG, for example, as defined by ETS data structure 1600. As will beappreciated, the data frame can be classified based upon the Ethertypefield of a conventional Ethernet frame or the like. In response to adetermination at block 1504 that the received data frame does not belongto an presently configured ETS TCG, the data frame receives best effortsscheduling, and the process proceeds to block 1512, which is describedbelow.

Returning to block 1504, in response to a determination the receiveddata frame belongs to a presently configured ETS TCG, master switch 204applies rate limiting and traffic shaping to the data frame to complywith the minimum and maximum bandwidths specified for the ETS TCG withinthe fields 1606, 1608 of the relevant ETS entry 1602 of ETS datastructure 1600 (block 1510). As noted above, depending on configuration,master switch 204 can apply the ETS to the VOQs at ingress vports 522and/or egress vports 524. The process then proceeds to block 1512, whichillustrates that master switch 204 implements ETS for a traffic class asdepicted at blocks 1504 and 1510 until ETS is deconfigured for thattraffic class. Thereafter, the process illustrated in FIG. 15 terminatesat block 1520.

In a DFP switching network 200 or 300, flow control can advantageouslybe implemented not only at master switches 204, as described withreference to FIGS. 15-16, but also at the RPIs of lower tier entities,such as follower switches 202 and hosts 302. With reference now to FIG.17, there is illustrated a high level logical flowchart of an exemplarymethod by which a DFP switching network 200 or 300 implementspriority-based flow control (PFC) and/or other services at a lower tier.

The process shown in FIG. 17 begins at block 1700 and then proceeds toblock 1702, which represents a master switch 204 implementingpriority-based flow control (PFC) for an entity at a lower tier of a DFPswitching network 200 or 300, for example, in response to (1) receipt ata managing master switch 204 executing a management module 550 of a PFCconfiguration for a virtualized port 602 a-602 d corresponding to atleast one RPI of a lower tier entity or (2) receipt at a master switch204 of a standards-based PFC data frame originated by a downstreamentity in the network and received at the master switch 204 via apass-through follower switch 202. As will be appreciated by thoseskilled in the art, a standards-based PFC data frame can be generated bya downstream entity that receives a data traffic flow from an upstreamentity to notify the upstream entity of congestion for the traffic flow.In response to an affirmative determination at block 1702 that a masterswitch 204 has received a PFC configuration for a lower tier entity, theprocess proceeds to block 1704, which illustrates the master switch 204building and transmitting to at least one lower tier entity (e.g.,follower switch 202 or host 302) a proprietary data frame enhanced withPFC configuration fields (hereinafter called a proprietary PFC dataframe) in order to configure the lower tier entity for PFC. Thereafter,the process depicted in FIG. 17 ends at block 1706.

Referring now to FIG. 18, there is depicted the structure of anexemplary proprietary PFC data frame 1800 in accordance with oneembodiment. As previously described with reference to block 1704 of FIG.17, proprietary PFC data frame 1800 may be built by a master switch 204and transmitted to a lower tier entity of a DFP switching network, suchas a follower switch 202 or host 302, in order to implement PFC at thelower tier entity.

In the depicted exemplary embodiment, proprietary PFC data frame 1800 isimplemented as an expanded Ethernet MAC control frame. Proprietary PFCdata frame 1800 consequently includes a destination MAC address field1802 specifying the MAC address of an RPI at the lower tier entity fromwhich the master switch 204 may receive data frames and a source MACaddress field 1804 identifying the egress vport on master switch 204from which the proprietary PFC data frame 1800 is transmitted. Addressfields 1802, 1804 are followed by an Ethertype field 1806 identifyingPFC data frame 1800 as a MAC control frame (e.g., by a value of 0x8808).

The data field of proprietary PFC data frame 1800 then begins with a MACcontrol opcode field 1808 that indicates proprietary PFC data frame 1800is for implementing flow control (e.g., by a PAUSE command value of0x0101). MAC control opcode field 1808 is followed by a priority enablevector 1810 including an enable field 1812 and a class vector field1814. In one embodiment, enable field 1812 indicates by the state of theleast significant bit whether or not proprietary PFC data frame 1800 isfor implementing flow control at an RPI at the lower tier entity that isthe destination of proprietary PFC data frame 1800. Class vector 1814further indicates, for example, utilizing multi-hot encoding, for whichof N classes of traffic that flow control is implemented by proprietaryPFC data frame 1800. Following priority enable vector 1810, proprietaryPFC data frame 1800 includes N time quanta fields 1820 a-1820 n eachcorresponding to a respective one of the N classes of traffic for whichflow control can be implemented. Assuming enable field 1812 is set toenable flow control for RPIs and the corresponding bit in class vector1814 is set to indicate flow control for a particular traffic class, agiven time quanta filed 1820 specifies (e.g., as a percentage or as anabsolute value) a maximum bandwidth of transmission by the RPI of datain the associated traffic class. The RPI for which flow control isconfigured by proprietary PFC data frame 1800 is further specified byRPI field 1824.

Following the data field, proprietary PFC data frame 1800 includesoptional padding 1826 to obtain a predetermined size of proprietary PFCdata frame 1800. Finally, proprietary PFC data frame 1800 includes aconventional checksum field 1830 utilized to detect errors inproprietary PFC data frame 1800.

As will be appreciated, proprietary PFC data frame 1800 can be utilizedto trigger functions other than flow control for RPIs. For example,proprietary PFC data frame 1800 can also be utilized to trigger services(e.g., utilizing special reserved values of time quanta fields 1820) fora specified RPI. These additional services can include, for example,rehashing server load balancing policies, updating firewallrestrictions, enforcement of denial of service (DOS) attack checks, etc.

With reference to FIG. 19A, there is illustrated a high level logicalflowchart of an exemplary process by which a lower level entity of a DFPswitching network 200 or 300, such as a follower switch 202, processes aproprietary PFC data frame 1800 received from a master switch 204 inaccordance with one embodiment.

The process begins at block 1900 and then proceeds to block 1902, whichillustrates a pass through lower level entity, such as a follower switch202, monitoring for receipt of a proprietary PFC data frame 1800. Inresponse to receipt of a proprietary PFC data frame 1800, which isdetected, for example, by classification based on MAC control opcodefield 1808, the process proceeds from block 1902 to block 1904. Block1904 depicts the follower switch 202 (e.g., switch controller 530 b)converting the proprietary PFC data frame 1800 to a standards-based PFCdata frame, for example, by extracting non-standard fields 1810, 1820and 1824. Follower switch 202 then determines an egress data port 210for the standards-based PFC data frame, for example, by converting theRPI extracted from RPI field 1824 into a port ID by reference to FIB 532b, and forwards the resulting standards-based PFC data frame via thedetermined egress data port 210 toward the source of data trafficcausing congestion (block 1906). Thereafter, the process shown in FIG.19A ends at block 1910. It should be noted that because PFC can beindividually implemented per-RPI, the described process can be utilizedto implement different PFC for different RPIs on the same lower tierentity (e.g., follower switch 202 or host 302). Further, because theRPIs at the lower tier entities are represented by VOQs 604,individualized PFC for one or more of RPIs can alternatively andselectively be implemented at master switches 204, such that the sameport 502 implements different PFC for data traffic of different vports522, 524.

Referring now to FIG. 19B, there is depicted a high level logicalflowchart of an exemplary process by which a lower level entity of a DFPswitching network 200 or 300, such as a host platform 302, processes aproprietary PFC data frame 1800 received from a master switch 204 inaccordance with one embodiment.

The process begins at block 1920 and then proceeds to block 1922, whichillustrates a network interface 404 (e.g., a CNA or NIC) of a hostplatform 302 monitoring for receipt of a proprietary PFC data frame1800, for example, by classifying ingressing data frames based on MACcontrol opcode field 1808. In response to detecting receipt of aproprietary PFC data frame 1800, the process proceeds from block 1922 toblock 1930. Block 1930 depicts the network interface 404 transmittingthe proprietary PFC data frame 1800 to VMM 304 for handling, forexample, via an interrupt or other message. In response to receipt ofthe proprietary PFC data frame 1800, hypervisor 304 in turn transmitsthe proprietary PFC data frame 1800 to the VM 306 associated with theRPI indicated in RPI field 1824 of the proprietary PFC data frame 1800(block 1932). In response, VM 306 applies PFC (or other serviceindicated by proprietary PFC data frame 1800) for the specificapplication and traffic priority indicated by proprietary PFC data frame1800 (block 1934). Thus, PFC can be implemented per-priority,per-application, enabling, for example, a data center server platform toapply a different PFC to a first VM 306 (e.g., a video streaming server)than to a second VM 306 (e.g., an FTP server), for example, in responseto back pressure from a video streaming client in communication with thedata center server platform. Following block 1934, the process depictedin FIG. 19B ends at block 1940.

As has been described, in some embodiments, a switching network includesan upper tier including a master switch and a lower tier including aplurality of lower tier entities. The master switch includes a pluralityof ports each coupled to a respective one of the plurality of lower tierentities. Each of the plurality of ports includes a plurality of virtualports each corresponding to a respective one of a plurality of remotephysical interfaces (RPIs) at the lower tier entity coupled to thatport. Each of the plurality of ports also includes a receive interfacethat, responsive to receipt of data traffic from a particular lower tierentity among the plurality of lower tier entities, queues the datatraffic to the virtual port among the plurality of virtual ports thatcorresponds to the RPI on the particular lower tier entity that was thesource of the data traffic. The master switch further includes a switchcontroller that switches data traffic from the virtual port to an egressport among the plurality of ports from which the data traffic isforwarded.

In some embodiments of a switching network including an upper tier and alower tier, a master switch in the upper tier, which has a plurality ofports each coupled to a respective lower tier entity, implements on eachof the ports a plurality of virtual ports each corresponding to arespective one of a plurality of remote physical interfaces (RPIs) atthe lower tier entity coupled to that port. Data traffic communicatedbetween the master switch and RPIs is queued within virtual ports thatcorrespond to the RPIs on lower tier entities with which the datatraffic is communicated. The master switch enforces priority-based flowcontrol (PFC) on data traffic of a given virtual port by transmitting,to a lower tier entity on which a corresponding RPI resides, a PFC dataframe specifying priorities for at least two different classes of datatraffic communicated by the particular RPI.

In some embodiments of a switching network including an upper tier and alower tier, a master switch in the upper tier, which has a plurality ofports each coupled to a respective lower tier entity, implements on eachof the ports a plurality of virtual ports each corresponding to arespective one of a plurality of remote physical interfaces (RPIs) atthe lower tier entity coupled to that port. Data traffic communicatedbetween the master switch and RPIs is queued within virtual ports thatcorrespond to the RPIs with which the data traffic is communicated. Themaster switch applies data handling to the data traffic in accordancewith a control policy based at least upon the virtual port in which thedata traffic is queued, such that the master switch applies differentpolicies to data traffic queued to two virtual ports on the same port ofthe master switch.

While the present invention has been particularly shown as describedwith reference to one or more preferred embodiments, it will beunderstood by those skilled in the art that various changes in form anddetail may be made therein without departing from the spirit and scopeof the invention. For example, although aspects have been described withrespect to one or more machines (e.g., hosts and/or network switches)executing program code (e.g., software, firmware or a combinationthereof) that direct the functions described herein, it should beunderstood that embodiments may alternatively be implemented as aprogram product including a tangible machine-readable storage medium orstorage device (e.g., an optical storage medium, memory storage medium,disk storage medium, etc.) storing program code that can be processed bya machine to cause the machine to perform one or more of the describedfunctions.

What is claimed is:
 1. A method of switching in a switching networkincluding an upper tier and a lower tier including a plurality offollower switches, wherein each of the plurality of follower switches isa physical switch including an inter-switch port and a plurality of dataports, and wherein all data traffic ingressing the plurality of dataports is switched between the data ports and the inter-switch port inpass-through mode, the method comprising: at a master switch in theupper tier having a plurality of master switch ports each coupled to arespective one of the plurality of follower switches, implementing oneach of the plurality of master switch ports a plurality of virtualports each corresponding to a respective one of the plurality of dataports at the follower switch coupled to that master switch port; queuingdata traffic communicated between the master switch and data ports onthe plurality of follower switches within virtual ports among theplurality of virtual ports that correspond to the data ports on followerswitches with which the data traffic is communicated; the master switchswitching data traffic directly between an ingress virtual port on aningress master switch port among the plurality of master switch portsand an egress virtual port on an egress master switch port among theplurality of master switch ports; the master switch forwarding the datatraffic directly from the egress virtual port toward an inter-switchport of a follower switch at the lower tier; and the master switchapplying data handling to the data traffic in accordance with a controlpolicy based at least upon the virtual port in which the data traffic isqueued, wherein the master switch applies different policies to datatraffic queued to two virtual ports on the same one of the plurality ofmaster switch ports.
 2. The method of claim 1, wherein each of thepluralities of virtual ports comprises a plurality of sets of virtualqueues at ingress of a corresponding master switch port.
 3. The methodof claim 2, wherein: the data traffic includes a port identifieridentifying a data port on the particular follower switch; and thequeuing includes queuing the data traffic to virtual ports based on theport identifier.
 4. The method of claim 1, wherein each of thepluralities of virtual ports comprises a plurality of sets of virtualqueues at egress of a corresponding master switch port.
 5. The method ofclaim 1, wherein applying data handling comprises multicasting the datatraffic to multiple virtual ports.
 6. The method of claim 1, whereinapplying data handling comprises distributing the data traffic across asubset of the plurality of virtual ports forming a link aggregationgroup.
 7. The method of claim 6, wherein the subset of the plurality ofvirtual ports correspond to data ports at different ones of theplurality of follower switches.
 8. The method of claim 1, whereinapplying data handling comprises applying traffic shaping to the datatraffic.
 9. The method of claim 1, wherein applying data handlingcomprises applying rate-limiting to the data traffic.
 10. The method ofclaim 1, wherein the master switch queues data traffic to the pluralityof virtual ports and applies data handling based on service tagsspecified by the data traffic.
 11. A hierarchical switching network,comprising: a lower tier including a plurality of follower switches,wherein each of the plurality of follower switches is a physical switchincluding an inter-switch port and a plurality of data ports, andwherein all data traffic ingressing the plurality of data ports isswitched between the data ports and the inter-switch port inpass-through mode; an upper tier including a master switch implementingunified management, control and data planes for itself and the pluralityof follower switches, the master switch including: a plurality of masterswitch ports each coupled to an inter-switch port of a respective one ofthe plurality of follower switches, and wherein each master switch portamong the plurality of master switch ports includes a plurality ofvirtual ports each corresponding to a respective one of a plurality ofdata ports at the follower switch coupled to that said master switchport, wherein data traffic communicated between the master switch anddata ports on the plurality of follower switches is queued to virtualports among the plurality of virtual ports that correspond to the dataports on follower switches with which the data traffic is communicated;and a switch controller that switches data traffic directly between aningress virtual port on an ingress master switch port among theplurality of master switch ports and an egress virtual port on an egressmaster switch port among the plurality of master switch ports; whereinthe master switch forwards the data traffic directly from the egressvirtual port toward an inter-switch port of a follower switch andwherein the master switch applies data handling to the data traffic inaccordance with a control policy based at least upon one of the virtualports in which the data traffic is queued, such that the master switchapplies different policies to data traffic queued to two virtual portson a same one of the plurality of master switch ports.
 12. The switchingnetwork of claim 11, wherein each of the pluralities of virtual portscomprises a plurality of sets of virtual queues at ingress of acorresponding master switch port.
 13. The switching network of claim 12,wherein: the data traffic includes a port identifier identifying a dataport on the particular follower switch; and the master switch queues thedata traffic to virtual ports based on the port identifier.
 14. Theswitching network of claim 11, wherein each of the pluralities ofvirtual ports comprises a plurality of sets of virtual queues at egressof a corresponding master switch port.
 15. The switching network ofclaim 11, wherein applying data handling comprises multicasting the datatraffic to multiple virtual ports.
 16. The switching network of claim11, wherein applying data handling comprises distributing the datatraffic across a subset of the plurality of virtual ports forming a linkaggregation group.
 17. The switching network of claim 16, wherein thesubset of the plurality of virtual ports correspond to data ports atdifferent ones of the plurality of follower switches.
 18. The switchingnetwork of claim 11, wherein applying data handling comprises applyingtraffic shaping to the data traffic.
 19. The switching network of claim11, wherein applying data handling comprises applying rate-limiting thedata traffic.
 20. The switching network of claim 11, wherein the masterswitch queues data traffic to the plurality of virtual ports and appliesdata handling to the data traffic based on service tags specified by thedata traffic.
 21. A program product, comprising: a tangiblemachine-readable storage device; and program code stored within thetangible machine-readable storage device, wherein the program code, whenprocessed by a machine, causes the machine to perform: in a hierarchicalswitching network including an upper tier having a master switch and alower tier having a plurality of physical follower switches, the masterswitch having a plurality of master switch ports each coupled to aninter-switch port of a respective one of the plurality of followerswitches, wherein each of the plurality of follower switches includes aplurality of data ports and wherein all data traffic ingressing theplurality of data ports is switched between the data ports and theinter-switch port in pass-through mode, the master switch implementingon each of the plurality of master switch ports a plurality of virtualports each corresponding to a respective one of the plurality of dataports at the follower switch coupled to that master switch port; themaster switch queuing ingressing data traffic communicated between themaster switch and data ports on the plurality of follower switcheswithin ingress virtual ports among the plurality of virtual ports thatcorrespond to the data ports on follower switches from which the datatraffic is received; the master switch switching data traffic directlyfrom ingress virtual ports to egress virtual ports among the pluralityof virtual ports; the master forwarding data traffic directly from theegress virtual ports toward inter-switch ports of the plurality offollower switches; and the master switch implementing unifiedmanagement, control and data planes for itself and the plurality offollower switches, wherein implementing the unified control planeincludes the master switch applying data handling to the data traffic inaccordance with a control policy based at least upon the virtual port inwhich the data traffic is queued, wherein the master switch appliesdifferent policies to data traffic queued to two virtual ports on a sameone of the plurality of master switch ports.
 22. The program product ofclaim 21, wherein applying data handling comprises multicasting the datatraffic to multiple virtual ports.
 23. The program product of claim 21,wherein applying data handling comprises distributing the data trafficacross a subset of the plurality of virtual ports forming a linkaggregation group.
 24. The program product of claim 23, wherein thesubset of the plurality of virtual ports correspond to data ports atdifferent ones of the plurality of follower switches.
 25. The programproduct of claim 21, wherein applying data handling comprises applyingtraffic shaping to the data traffic.
 26. The program product of claim21, wherein applying data handling comprises applying rate-limiting tothe data traffic.
 27. The program product of claim 21, wherein theprogram code causes the master switch to queue data traffic to theplurality of virtual ports and apply data handling to the data trafficbased on service tags specified by the data traffic.
 28. A master switchfor a hierarchical switching network including an upper tier includingthe master switch and a lower tier including a plurality of followerswitches, wherein each of the plurality of follower switches is aphysical switch including an inter-switch port and a plurality of dataports, and wherein all data traffic ingressing data ports of theplurality of follower switches is switched between the data ports andthe inter-switch port in pass-through mode, the master switch including:a plurality of master switch ports each coupled to an inter-switch portof a respective one of the plurality of follower switches, and whereineach master switch port among the plurality of master switch portsincludes a plurality of virtual ports each corresponding to a respectiveone of a plurality of data ports at the follower switch coupled to thatsaid master switch port, wherein data traffic communicated between themaster switch and data ports on the plurality of follower switches isqueued to virtual ports among the plurality of virtual ports thatcorrespond to the data ports on follower switches with which the datatraffic is communicated; and a switch controller that switches datatraffic directly between an ingress virtual port on an ingress masterswitch port among the plurality of master switch ports and an egressvirtual port on an egress master switch port among the plurality ofmaster switch ports; wherein the master switch is configured toimplement unified management, control and data planes for itself and theplurality of follower switches, wherein the master switch forwards thedata traffic directly from the egress virtual port toward aninter-switch port of a follower switch and wherein the master switchapplies data handling to the data traffic in accordance with a controlpolicy based at least upon one of the virtual ports in which the datatraffic is queued, such that the master switch applies differentpolicies to data traffic queued to two virtual ports on a same one ofthe plurality of master switch ports.